Forescout Platform Reviews

We've been able to use the solution for a couple of tasks including using it to monitor for anti-virus compliance. We also use it to monitor the health of the security history of our endpoints.

It's a great solution. We use it for the internet here and it's been helpful. It's a great product for our Mac PCs and we can implement it to both our wireless and our wired network.

It's very quick.

The compliance aspects of the solution are excellent and one of the solution's best features. It helps us maintain the compliance of our endpoints.

In terms of physical tools, we are very satisfied.

In our organization, the solution provides us with a sound perimeter. 

The user interface is quite simple.

The version we're currently on, 8.6, has a lot more plugins than past versions. Now you can plug in anything you want. It helps us to utilize the product more fully.

There's always room for improvement for the solution. Off the top of my head, I really can't determine anything that is lacking right now. Basically there is no room for improvement that I can describe.

The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup.

The solution has very good uptime, and we have had no issues at all in terms of stability.

We didn't have any issues with the ForeScout scalability. So far, we've agreed with the pricing required for both the hardware and the software. 

We haven't been in touch with technical support, so I can't speak to their level of service and how they interact with clients.

The solution is not that simple, however, it's not complex, either. It's a solution that does so much it needs a bit of understanding to properly use it. Once team members go for basic training, they should be able to handle it. The basic training will also give team members a networking background to be able to master the solution. It's not very difficult, but a person will have to be a bit technical.

I'd advise companies to ensure their teams are well trained in ForeScout before starting implementation of any kind. Those setting up and using the solution should have a basic background in networking. If users are comfortable with configuring, they can create processes for the environment. That way, it will be deployed properly.

Teams should also test the solution first before they launch so there won't be any surprises. If they need to make changes, they need to manage the process properly.

I'd rate the solution nine out of ten. If it was a bit less complex, I'd give it perfect marks.

Right now, we are looking to implement the solution in a hospital where a lot of people come to the lobby and are outsiders or guests. The VOD and guests' mobile phones will be able to connect to the Wi-Fi. This is the latest use case we are working on.

The solution offers very good management.

It allows for good detection of all the vendor products we have on-site.

The solution is very similar to other solutions, so it's not hard to figure out how to use it.

The solution could always improve by adding more features to make it more robust.

I deployed the solution for one project about a year and a half ago. I may implement another one for another project this year.

The scalability is quite good. It does depend on the complexity of the setup, but for our purposes, we've never run into any issues.

We've never had to contact technical support. We've never had a need to do so yet. I can't speak to the level of service they provide. We have our own team in-house that will troubleshoot if we run into problems.

The initial setup is pretty straightforward. It's not complex.

It took us about one week to deploy the solution. It didn't take long to set everything up.

I'm basically focusing on the product line right now. It's pretty good. The nice thing about it is that at last, we have a kind of software that's very easy to work with.

While most people in most of the cases do not want to go for Mac, in the case of cybersecurity, I believe it is very important to do so. In enterprise cases, the common culture is the DYD. Organizations need to add some sort of network access control to prevent many issues.

I'd rate the solution itself eight out of ten overall. It's quite good, but it could always continue to improve.

The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment.

I can create granular policies. This is amazing. I really appreciate the granularity to create policies.

They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment.

The interface of this solution and the integration part needs improvement. The difference between the 7th and the 8th version is the dashboard. They should improve it. 

We never had a problem with this product. It has worked very well.

It's very simple to scale and to implement more devices and licenses. It's easy to grow.

We haven't had to use their technical support. 

We switched because ForeScout is the best tool for Mac. 

The initial setup was very easy, very simple to deploy. We didn't have problems or difficulties with the implementation.

We also looked at Fortinet. 

I would rate this solution an eight out of ten because it's the best solution. 

I would advise someone considering this or a similar solution to make sure that the solution works with a lot of vendors. Choose a product that doesn't change your environment.

The use case is for a compliance check for the users who get into your organization. We identify the host for Windows PC, Mac, Linux, and servers. These are some of the use cases for user control and policy management. Some of the other use cases are to kill some applications and peer-to-peer applications. It's mainly for visibility and control, and we also integrate with various firewalls and other system security solutions. For example, LogRhythm, Splunk, Qreader, McAfee Orchestrator, and Trend Micro.

I work on multiple technologies and security technology. The solution is deployed on-premise. We don't use it for our own company. We are the system integrators and we deploy for various customers across the region we work with and we deploy most of the verticals.

This is far better than any other Mac solution. Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly.

When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with.

They already support some 63,000 plus vendor models. They are also upgrading it, and they have two million plus devices in a single deployment. Maybe there are some legacy tools with support. I know they're working very hard on the OT infrastructure and OT side of integration, but I'm not into OT side.

I have been using this solution for three years.

I don't see any issue with stability. I'm not hearing from any customers who are reporting any issues about stability. They are mostly looking for compliance and operation security.

The solution is absolutely scalable.

Technical support is good. I don't see any issues. The type of support you get depends on the contract that you sign. They're timely and the support is good.

The amount of time it takes for deployment depends on how many branches you have, whether it's a central deployment or a hybrid. It depends on how you want to use the solution. It varies but if it is only central deployment for a couple of branches, we can do it in a minimum of one month.

The number of people it takes for deployment just depends. One engineer can do it, but you also need support from the customer. You should have very good system administrators, or some network engineers to support you in terms of various authentication integrations. There should be a minimum of one from the deployment side, two from the customer side.

I would rate this solution 7 out of 10. I'm not sure about the OT side, but the visibility, control, orchestration, dashboard, and reporting are all good.

My advice is that you really need to understand the prerequisites of the use cases if you want to deploy the solution. You should also understand what kind of services they should open and the security rules—a firewall. They should have a clear understanding of how it is being designed and the architecture. If you know, it's easy for deployment, otherwise you will get stuck.

Primarily used to define which host to admit onto the network, by tying a policy to the MAC address.

Identifying issues on why some hosts are not on the network, and assisting with possible remediation options.

• SNMP Traps on switches
• Getting the MAC address of the host from the ARP table of the switch and applying policy.

• Battled with the use of SNMP v1 instead of v2c
• Direct web interface rather than installation of a client.

The main feature, the NAC engine, is very flexible since ForeScout CounterACT doesn’t need the use of 802.1x and can work with almost all switch vendors.

Since my company is a systems integrator, we have ForeScout CounterACT in our lab just to test or troubleshoot customer configurations.

There isn’t a specific area to improve. It’s a good product from my point of view. Maybe the licensing and cost can be improved.

No issues with deployment.

Haven't had issues with stability.

Haven't had to scale it.

Maybe test the configuration very well before enabling actions (like VLAN moving, Captive Portal), because they can cause many problems in production environments if there are configuration mistakes.

To find out what devices are in the network for our clients. We manage client's networks, so we have it on the client's network and they use it so they can make sure they know who's on the network and if it's secure.

We really like that we get full visibility of devices in the local network.

It could be better, they could work on the wide-area network and easier because it's a bit clumsy at the moment when we go on to a remote site. It works well in the head office but we've had challenges trying to install it across other sites. So pricing and support for branch offices. The interface is okay for the local office, but it's hard to get visibility from remote branches.

We have been using the Forescout Device and Visibility Control Platform for about two years.

The Forescout Platform is very stable.

It's scalable, but not without a big investment. It doesn't do so well at the branch. At the home office, it does okay and not so well at the branch.

We have used technical support, it's been fine.

The initial setup of Forescout Device and Visibility Control Platform is fairly complex.

The Forescout Device and Visibility Control Platform is quite expensive. I would recommend it depending on the environment, but I would tell them to look at things that depend on their environment. There is other software as well.

I would rate the Forescout Device and Visibility Control Platform at a six out of ten.

The most valuable feature for us is the visibility into all connected devices. Also, the plugins are very robust -- the ability scanner, patch management system, and SQL integrator.

You can query a lot of information from the connected device, including their compliance statuses.

We've had no issues with deployment.

It's a stable solution.

There have been no issues with scaling it.

The initial setup was complex, but that was due to the nature of the network architecture.

We didn't look for other solutions.

Have a clear understanding and document the network architecture before you deploy it.